Just like any other accounts, Telegram accounts are hijacking targets — primarily if they are linked to channels with a lot of subscribers.
Our cybersecurity researchers will explain everything you need to know about this new type of cyberattack and also how to protect against them.
How are Telegram accounts hacked and stolen?
The answer is through phishing. The victim receives a message from a Telegram account with an official-sounding nickname like TelegramAdmin stating that suspicious activity has been detected on their account and that the user must provide account confirmation or the account will be blocked. A link is provided to confirm the account.
The link redirects the victim to a phishing site with an address that seems trustworthy like telegram-antispam.org or telegram-verification.site.
The site is a 1 to 1 copy of the real Telegram login page: web.telegram.org.
The user is prompted to enter their phone number, confirmation code, and, if two-factor authentication is enabled, password.
Once the victim enters all of this info, the cybercriminals have everything they need to access the account and link it to another phone number. Along with the account, they get its channels.
This is how to protect your Telegram account
• Enable two-factor account authentication.
• Be wary of messages from accounts that are not in your address book, and don’t follow suspicious links.
Remember: Official Telegram accounts have badges, fake accounts do not
• Before entering personal info on any Web page, check that the connection is secure, and take a close look at the domain name of the page in the address bar. In this case, it should be telegram.org, not telegram-antispam.org, antispam-verification.com, or any such variant.
• Install a good cybersecurity solution like an antivirus with antiphishing capability on every device that permits it. Depending on which OS you are using install an antivirus for Mac, an antivirus for Windows to be fully protected against all type of cyber attacks.